Configure URL Defense

URL Defense is a feature within Advanced Email Security that scans email messages for harmful links. By default, it rewrites links in the message body, except for encrypted messages. You must be an admin for your organization to configure a URL Defense.

If a URL is rewritten, you'll see the following when you hover over it:
https://urldefense.proofpoint.com/v1/url?=...

Note: Only URLs within the message body can be rewritten. Any URLs in attachments can't be rewritten by Proofpoint.

1. Sign in to the Advanced Email Security.
2. Under Security Settings, select Malicious Content > URL Defense.
3. Once you're in the URL Defense section, the following options can be enabled or disabled. Make the changes you want, and select Save.

   Setting	Description
   Rewrite URLs that are located in DKIM signed messages	Rewrite URLs found in DKIM signed messages. Note: DKIM is an email validation system designed to detect email spoofing and check that incoming mail from a domain hasn't been modified during transport. Rewriting URLs in DKIM-signed messages can break the DKIM signature.
   Rewrite URLs that are not located in an anchor tag	Rewrite all URLs that aren’t included within an anchor tag in the source code of the email. Note: Anchor tags are used in HTML to tell a browser or email client where to direct a user when content, such as a URL or image, is clicked. Some email clients will automatically convert the text of a domain name or URL into a clickable link when it wasn’t originally sent as a link.
   Exclude URLs that contain specified domains/IP addresses	Specify domains and/or IP addresses that, when found in a message URL, won't be rewritten. All entries need to be separated by a line, comma or semicolon.
   Exclude active domains associated with this organization	Prevent Proofpoint from rewriting any URLs in messages containing domains within the Proofpoint account.
   Exclude rewriting emails that are sent by specified senders	Email addresses or domains entered in this text area won't have URLs in their message rewritten when sending to a customer using Advanced Email Security. Make sure to only enter explicitly trusted email addresses or domains here. All entries need to be separated by line, comma or semicolon.
   Exclude rewriting bare IP addresses in plain text emails	Prevent rewriting of IP addresses in a plain text email.
   Exclude rewriting URLs in plain text emails	Won't rewrite URLs contained in plain text emails.

More info

• For additional security, enable Multi-Factor Authentication.
• Here are ways you can customize Advanced Email Security.